You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.
Port Communication Requirements
Active Directory
For EmpowerID to communicate with Active Directory environments, the following ports must be open:
135/TCP RPC
137/UDP NetBIOS
138/UDP NetBIOS
139/TCP NetBIOS
389/TCP/UDP LDAP
636/TCP LDAP SSL
3268/TCP LDAP GC
3269/TCP LDAP GC SSL
53/TCP/UDP DNS
88/TCP/UDP Kerberos
445/TCP SMB
123/UDP NTP
Internal EmpowerID Communications
The EmpowerID Management Console Windows desktop client requires the following ports be open:
HTTPS/TLS: port 443 TCP
EmpowerID server to server communications require the following ports be open:
HTTPS/TLS: port 443 TCP
EmpowerID server to SQL Database communications require the following ports be open:
Microsoft SQL Server: port 1433 TCP
The EmpowerID WAM/Reverse Proxy does not require any communication with the Microsoft SQL database. The Reverse Proxy retrieves all of its configuration data by calling the EmpowerID REST API on any front-end servers.
The below two images depict the EmpowerID Communications and Connectivity architecture. The first shows the architecture without EmpowerID WAM/Reverse Proxy, while the second shows the architecture with EmpowerID WAM/Reverse Proxy.
Figure 1: EmpowerID Communications and Connectivity Architecture
Â
Figure 2: EmpowerID Communications and Connectivity architecture with WAM/Reverse Proxy module
Â
In addition to the above, for password resets you may need to open TDP/UDP 135, as well as all RPC dynamic ports. For more information, see the following Microsoft topics: